top of page

Cyber Security
Maturity Assessment

Paua Interface virtual tech team

Welcome to Pāua Interface's Cyber Security Maturity Assessment.

 

We tailor and conduct Cyber Security Maturity Assessments to help protect your organisation no matter your size or where you are on your cyber security journey.

What is it?

A Cyber Security Maturity Assessment measures your practices and capabilities against benchmarks to identify gaps, vulnerabilities, risks, and areas for improvement.

We utilise the international National Institute of Standards and Technology (NIST 2.0) Cyber Security Framework.

 

The NIST framework is widely used by public and private organisations of all sectors and sizes around the world.

Three good reasons to have an assessment

 

1. Know the gaps in your defences: An assessment shows you where you stand and informs you about the areas to improve to protect against threats.

 

2. Don’t wait until it happens: An assessment shows you where you stand and informs you about the areas to improve to protect against threats

 

3. Inform your cyber security investment decisions: An assessment shows your cyber security posture so you can make informed decisions on where to allocate resources and invest.

Three good reasons to use Pāua Interface

 

Save costs.Reduce risks: Save recruitment costs and reduce the risks of in-house skills shortages and staff turnover.


Get ittailored & right-sized: Like the perfect suit, get it fitted first. Don’t waste time on questions that don’t apply to your organisation. Set your own future-state maturity levels. There are four plans: Lite35, Lite106, Full106 and Managed. Scroll below for more information.

Build confidence: Get an independent assessment and show your leaders, staff and customers that cyber security is a priority.

Who the assessments are for


Pāua Interface's Cyber Security Maturity Assessment is tailored for Government agencies, corporates, community organisations, health providers, schools, not-for-profits, Māori-Iwi organisations, and NGOs seeking:

  • To identify gaps and risks making them susceptible to cyber threats.

  • To assess the effectiveness of their current security measures.

  • To build a robust plan to protect their assets, financial and reputational impacts, and business disruptions.

  • Independent assessments and advice.

 

Outcomes

  • Get comprehensive reports, roadmaps, and recommendations to inform your leaders when making their next cyber security-related decisions.

  • Empower your leaders and teams to advance your organisation's cyber security maturity.

  • Give your leaders the information to help them make decisions on where to allocate resources and invest.

 

Lite35

NZD $10,000 +gst

​​

If you need a softer start to your cyber security journey, Lite35 is a good first step.

 

Or, if you’re an agency with external stakeholder organisations that need solid cyber security assessments at a 'collective' price, let’s talk.

  • International best practice NIST 2.0 based assessment.

  • Viable budget for small organisations compared to costs of $70,000 upwards for typical assessments.

  • Our advisors help you answer 35 key and critical questions tailored to your organisation.

  • We interview up to three of your key informants at three levels (governance, strategy, operations).

  • We help you set your own future state cyber maturity levels.

  • Fast turnaround to quickly get to the crux of your cyber security posture.

Deliverables:

  • A tailored report and online Q&A session for Boards and Leaders.

  • Cyber security issues identified and prioritised.

  • A set of recommendations to help make your next decisions.

 

Best for:

  • Small organisations, health providers, schools, not-for-profits, SMEs.

  • Agencies interested in a 'collective' option and managing the service for their stakeholder organisations to reduce the overall costs.

  • Organisations with no in-house technical capability.

  • Organisations at the very start of their cybersecurity journey.

  • Larger agencies or companies wanting to explore Pāua Interface as their cyber security partner.

 

If you’d like to talk about whether Lite35 is right for your organisation contact us now to find out more.

Lite106
NZD $35,000 +gst

 

If your decision-makers want a thorough view of their cyber security journey and have in-house tech staff, Lite106 is a good choice.

  • International best practice NIST 2.0 based assessment.

  • Viable budget for organisations compared to typical costs of $70,000 to $150,000 for full evidence-based assessments.

  • 106 critical deep dive questions.

  • Your in-house IT team self-assesses, we independently analyse and report.

  • We develop a cyber security roadmap for your organisation.

  • Advisors available to support.

  • We help you set your own future state cyber maturity levels.

  • If you’ve already completed Lite35 don’t worry, it folds into this service. Nothing is lost.

Deliverables:

  • A comprehensive report and online Q&A session for Boards and Leaders.

  • A roadmap for governance and operations.

  • A set of recommendations to help you make your next decisions.

Best for:

  • Any size organisation, corporates, government, not-for-profits, SMEs.

  • Organisations with in-house technical capability.

  • Organisations at any stage of their cyber security journey and wanting benchmarks.

If you’d like to talk about whether Lite106 is right for your organisation contact us now to find out more.

Full106
Price: Ask for a quote

If your decision-makers are ready for a fully independent assessment now, then Full106 is a good choice.

  • International best practice NIST 2.0 based assessment.

  • Fully independent assessment and advisor-led.

  • 106 critical deep dive questions.

  • Advisors drill down, gather evidence, and review documents.

  • We develop a cyber security roadmap for your organisation.

  • We help you set your own future state cyber maturity levels.

  • If you’ve already completed Lite35 or Lite106 don’t worry, it folds into this service. Nothing is lost.

 

Deliverables:

  • A comprehensive evidence-based report and Q&A session for Boards and Leaders.

  • A detailed roadmap for governance and operations.

  • A set of recommendations to help make your next decisions.

Best for:

  • Any size corporates, government, not-for-profits.

  • Organisations with Leaders who are on-board now.

  • Organisations at any stage of their cyber security journey and wanting benchmarks.

If you’d like to talk about whether Full106 is right for your organisation contact us now to find out more.

MANAGED
Price: Ask for a quote


If your decision-makers want a cyber security partner who can be counted on to keep them current, then MANAGED is a good choice.

  • Centralised and independent service led by our cyber security team and supporting your in-house IT staff.

  • Our cyber security team will design and/or implement your cyber security functions.

  • Our cyber security team manages procurement and vendors.

  • Minimum one day per month to as much as you need and pricing can be capped for certainty.

  • Reduce your recruitment or staff turnover risks.

  • Advisors available by the hour if required.

 

Deliverables:

  • Ongoing management of your cyber security programme and functions.

  • Knowledge transfer for your in-house team and staff.

  • Regular reporting to your Board or Leaders.

Best for:

  • Any size corporates, government, not-for-profits.

  • Organisations with Leaders who are on-board now.

  • Organisations at any stage of their cyber security journey and wanting to save costs and avoid recruitment issues.

If you’d like to talk about whether MANAGED is right for your organisation contact us now to find out more.

bottom of page